Blackhat Arsenal Tools Vegas 2012 LineUp – toolswatch.org
I’m very pleased to announce that Blackhat Team has released the Lineup for Arsenal Floor Vegas 2012. In fact, after 2 months of collecting tools, I was incredibly amazed to see such great astonishing tools. 46% of them are to be announced during the event itself.

SIRACon – societyinforisk.org
The first SIRA Conference was held May 7th, 2012 in Saint Paul, MN. Thanks to all the speakers and attendees for making our inaugural event a success!

Videos for ALL Cons – phx2600.org
I would love to have a somewhat convenient compiled list of all the cons out there that have videos, and the links to the page(s) that have the videos. I will post a list of my own that I have compiled so far. If anybody knows of any other ones please feel free to reply with it.

Resources

eHarmony Password Dump Analysis – blog.spiderlabs.com
Password cracking was performed on a custom built system using off-the-shelf parts totaling less than $1,500 utilizing three NVIDIA 460GTX graphics cards (GPUs) as the primary medium for the password cracking process.

All your ASUS servers iKVM/IPMI may belong to other! – pedromadias.wordpress.com
In this post I will describe how I found multiple implementation fails by ASUS that allow a remote attacker to grab user’s passwords and consequently access ASUS iKVM/IPMI equipped servers.

6 Weeks and 60,000 Passwords Later – securityblog.verizonbusiness.com
There were quite a few statistics that jumped out at me in this year’s data breach report, however one of them stuck in my head: 79% of all attacks were classified as “opportunistic”. We define opportunistic attacks in the report as “The victim isn’t specifically chosen as a target; they were identified and attacked because they exhibited a weakness the attacker knew how to exploit.”

How to Break Into Security, Ptacek Edition – krebsonsecurity.com
I decided to ask some of the brightest minds in the security industry today what advice they’d give. Almost everyone I asked said they, too, frequently get asked the very same question, but each had surprisingly different takes on the subject.

Exploiting Windows 2008 Group Policy Preferences – Expanded – rewtdance.blogspot.com
This follows on from the disclosure http://esec-pentest.sogeti.com/exploiting-windows-2008-group-policy-preferences which discussed how Group Policy Preferences can be used to create Local Users on machines and the resulting passwords easily decrypted.

Hack Tips: CiscoWorks Exploitation – blog.opensecurityresearch.com
This article is the third in a series (See Hack Tips: Blackberry Enterprise Server and Hack Tips: Good For Enterprise) covering, step-by-step, practical post-exploitation tips that can be used to get the most out of various common network servers.

Password Audit of a Domain Controller – blog.cyberis.co.uk
Following on from our article on SAM retrieval without injection, a few people have asked if this technique is possible on a Domain Controller. Unfortunately, no, as account information, including hashes, is stored rather differently in Active Directory. The file in question is ntds.dit – an Extensible Storage Engine that basically stores all AD account information, including group membership, account status and importantly, password hashes.

Network Analysis With ProxyDroid, BurpSuite, and Hipster Dog – intrepidusgroup.com
My last post gave an overview of some options to set up your environment for Android network analysis. Of the winners that I pointed out, my personal favorite way to do an assessment (depending on the app) is to use ProxyDroid to forward network traffic to BurpSuite’s proxy.

Tools

LiME 1.1 Released – dfsforensics.blogspot.com
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android.

Analyzing PDF Malware – Part 3B – blog.spiderlabs.com
As the big blue letters above state, this is part 3B of the Analyzing PDF Malware series. If you haven’t read any of the preceding posts you can find them here: Part1, Part2, and Part3A.

Are We Completely Wiping That Hard Disk? – technibble.com
Is your client’s company disposing of old hardware, or do you have a client with sensitive data who desires complete and total erasure of data? Jackhammers, wrenches, and explosives may be more enjoyable methods of destruction, but what if the user would like to use the old hardware for non-sensitive data in another way, such as an external hard drive for storing personal data of a non-sensitive nature? DBAN it, right?

Why RSA is misleading about SecurID vulnerability – rdist.root.org
There’s an extensive rebuttal RSA wrote in response to a paper showing that their SecurID 800 token has a crypto vulnerability. It’s interesting how RSA’s response walks around the research without directly addressing it. A perfectly accurate (but inflammatory) headline could also have been “RSA’s RSA Implementation Contained Security Flaw Known Since 1998”.

Serious Web Vulnerabilities Dropped In 2011 – it.slashdot.org
“It’s refreshing to see a security report from a security vendor that isn’t all doom-and-gloom and loaded with FUD. Web Application Security firm WhiteHat Security released a report this week (PDF) showing that the number of major vulnerabilities has fallen dramatically. Based on the raw data gathered from scans of over 7,000 sites, there were only 79 substantial vulnerabilities discovered on average in 2011. To compare, there were 230 vulnerabilities on average discovered in 2010, 480 in 2009, 795 in 2008, and 1,111 in 2007. As for the types of flaws discovered, Cross-Site Scripting (XSS) remained the number one problem, followed by Information Leakage, Content Spoofing, Insufficient Authorization, and Cross-Site Request Forgery (CSRF) flaws. SQL Injection, an oft-mentioned attack vector online – was eighth on the top ten.”
